File Download

There are no files associated with this item.

  Links for fulltext
     (May Require Subscription)
Supplementary

Conference Paper: Hopper: Interpretative Fuzzing for Libraries

TitleHopper: Interpretative Fuzzing for Libraries
Authors
KeywordsAutomated Test Generation
Code Synthesis
Fuzzing
Interpreter
Vulnerability Detection
Issue Date2023
Citation
CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, 2023, p. 1600-1614 How to Cite?
AbstractDespite the fact that the state-of-the-art fuzzers can generate inputs efficiently, existing fuzz drivers still cannot adequately cover entries in libraries. Most of these fuzz drivers are crafted manually by developers, and their quality depends on the developers' understanding of the code. Existing works have attempted to automate the generation of fuzz drivers by learning API usage from code and execution traces. However, the generated fuzz drivers are limited to a few specific call sequences by the code being learned. To address these challenges, we present Hopper, which can fuzz libraries without requiring any domain knowledge to craft fuzz drivers. It transforms the problem of library fuzzing into the problem of interpreter fuzzing. The interpreters linked against libraries under test can interpret the inputs that describe arbitrary API usage. To generate semantically correct inputs for the interpreter, Hopper learns the intra- and inter-API constraints in the libraries and mutates the program with grammar awareness. We implemented Hopper and evaluated its effectiveness on 11 real-world libraries against manually crafted fuzzers and other automatic solutions. Our results show that Hopper greatly outperformed the other fuzzers in both code coverage and bug finding, having uncovered 25 previously unknown bugs that other fuzzers couldn't. Moreover, we have demonstrated that the proposed intra- and inter-API constraint learning methods can correctly learn constraints implied by the library and, therefore, significantly improve the fuzzing efficiency. The experiment results indicate that Hopper is able to explore a vast range of API usages for library fuzzing out of the box.
Persistent Identifierhttp://hdl.handle.net/10722/347087

 

DC FieldValueLanguage
dc.contributor.authorChen, Peng-
dc.contributor.authorXie, Yuxuan-
dc.contributor.authorLyu, Yunlong-
dc.contributor.authorWang, Yuxiao-
dc.contributor.authorChen, Hao-
dc.date.accessioned2024-09-17T04:15:17Z-
dc.date.available2024-09-17T04:15:17Z-
dc.date.issued2023-
dc.identifier.citationCCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, 2023, p. 1600-1614-
dc.identifier.urihttp://hdl.handle.net/10722/347087-
dc.description.abstractDespite the fact that the state-of-the-art fuzzers can generate inputs efficiently, existing fuzz drivers still cannot adequately cover entries in libraries. Most of these fuzz drivers are crafted manually by developers, and their quality depends on the developers' understanding of the code. Existing works have attempted to automate the generation of fuzz drivers by learning API usage from code and execution traces. However, the generated fuzz drivers are limited to a few specific call sequences by the code being learned. To address these challenges, we present Hopper, which can fuzz libraries without requiring any domain knowledge to craft fuzz drivers. It transforms the problem of library fuzzing into the problem of interpreter fuzzing. The interpreters linked against libraries under test can interpret the inputs that describe arbitrary API usage. To generate semantically correct inputs for the interpreter, Hopper learns the intra- and inter-API constraints in the libraries and mutates the program with grammar awareness. We implemented Hopper and evaluated its effectiveness on 11 real-world libraries against manually crafted fuzzers and other automatic solutions. Our results show that Hopper greatly outperformed the other fuzzers in both code coverage and bug finding, having uncovered 25 previously unknown bugs that other fuzzers couldn't. Moreover, we have demonstrated that the proposed intra- and inter-API constraint learning methods can correctly learn constraints implied by the library and, therefore, significantly improve the fuzzing efficiency. The experiment results indicate that Hopper is able to explore a vast range of API usages for library fuzzing out of the box.-
dc.languageeng-
dc.relation.ispartofCCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security-
dc.subjectAutomated Test Generation-
dc.subjectCode Synthesis-
dc.subjectFuzzing-
dc.subjectInterpreter-
dc.subjectVulnerability Detection-
dc.titleHopper: Interpretative Fuzzing for Libraries-
dc.typeConference_Paper-
dc.description.naturelink_to_subscribed_fulltext-
dc.identifier.doi10.1145/3576915.3616610-
dc.identifier.scopuseid_2-s2.0-85179852147-
dc.identifier.spage1600-
dc.identifier.epage1614-

Export via OAI-PMH Interface in XML Formats


OR


Export to Other Non-XML Formats